Security Advisory

CVE-2013-5321

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2013-08-20 14:00:00

Last updated 2024-09-16 23:11:21

Assigner mitre

State PUBLISHED

Description

Multiple SQL injection vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 4.1 allow remote attackers to execute arbitrary SQL commands via the (1) sensor parameter in a Query action to forensics/base_qry_main.php; the (2) tcp_flags[] or (3) tcp_port[0][4] parameter to forensics/base_stat_alerts.php; the (4) ip_addr[1][8] or (5) port_type parameter to forensics/base_stat_ports.php; or the (6) sortby or (7) rvalue parameter in a search action to vulnmeter/index.php.

← Browse all CVEs View on cve.org ↗